If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

unit321:
Maybe that is because most of the time all of the securing is being done by volunteers. (At least in my town). I know that most libraries in small towns have a very limited budget to work with so they don't have a lot to spend on security. I am sure if you find the security of your library below your standards that if you asked they may be more than happy to let you help secure it. It would do them a service and it would be a good learning experience for you also.

Not to say that what the paper says is untrue or even slanted, but keep in mind that it is trying to sell you something. Something that is very expensive. And because of it's pay as you play policy, it's a cost that never truly goes away.

Here's a scenario that would probably be a little more cost effective. Simply do not allow users to load illegitimate software on their boxes, how about that?

I've run websense on an enterprise network of more than 3500 users, using the "all-powerful" Cacheflow boxes. I was not impressed. The amount of money you spend is far greater a threat to a healthy business environment than mitigating the risk by putting in a few hours creating a policy all users are forced to follow.

They act as if they are the ONLY ones with the solution when in fact the solution might very well be staring you right in the face.

For windows, how about an enterprise policy? And as for *nix, well, if you can't figure THAT out, I'm certainly not going to help you.

Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson

Originally posted here by hobbdebub unit321:
Maybe that is because most of the time all of the securing is being done by volunteers. (At least in my town). I know that most libraries in small towns have a very limited budget to work with so they don't have a lot to spend on security. I am sure if you find the security of your library below your standards that if you asked they may be more than happy to let you help secure it. It would do them a service and it would be a good learning experience for you also.

I also volenteer at the library I teach classes on computers and security and stuff. I have submitted many exploits, flaws, and patches/solutions to library security managers, not ONE has been taken seriously or had something done about it. For instance the timer on the computers can be done with a ctrl+alt+delete and you can create your own accounts on computers enabling you to install trojans, delete files, and otherwise raise hell. This is a serious problem at the library. I suprisingly see many people commiting dirty deeds on libarary computers. Also in the lah pwds are sent in the clear! Hello! Anybody home! What about a simple encryption system for the lan or something. Quite frankly library securit, at least what ive seen is pathetic.

if you have time be sure to drop my my website at www.johnscompany.net